Browse Alphabetically

proxy server

A proxy server is a dedicated computer or a software system running on a computer that acts as
an intermediary between an endpoint device, such as a computer, and another server from which a
user or client is requesting a service. The proxy server may exist in the same machine as a
firewall server or it may be on a separate server, which forwards requests through the firewall.

An advantage of a proxy server is that its cache can serve all users. If one or more Internet
sites are frequently requested, these are likely to be in the proxy's cache, which will improve
user response time. A proxy can also log its interactions, which can be helpful for troubleshooting.

Here’s a simple example of how proxy servers work:
When a proxy server receives a request for an Internet resource (such as a Web page), it looks in
its local cache of previously
pages. If it finds the page, it returns it to the user without needing to forward the request to
the Internet. If the page is not in the cache, the proxy server, acting as a client on behalf of
the user, uses one of its own IP
addresses to request the page from the server out on the Internet. When the page is returned,
the proxy server relates it to the original request and forwards it on to the user.

Proxy servers are used for both legal and illegal purposes. In the enterprise, a proxy server is
used to facilitate security, administrative control or caching services, among other purposes.
In a personal computing context, proxy servers are used to enable user privacy and anonymous surfing.
Proxy servers can also be used for the opposite purpose: To monitor traffic and undermine user
privacy.

To the user, the proxy server is invisible; all Internet requests and returned responses appear
to be directly with the addressed Internet server. (The proxy is not actually invisible; its IP
address has to be specified as a configuration option to
the browser or other protocol program.)

Users can access web proxies online or configure web browsers to constantly use a proxy server.
Browser settings include automatically detected and manual options for HTTP, SSL, FTP, and SOCKS proxies. Proxy servers may serve
many users or just one per server. These options are called shared and dedicated proxies,
respectively. There are a number of reasons for proxies and thus a number of types of proxy
servers, often in overlapping categories.

Forward and reverse proxy serversForward proxies send the requests of a client onward to a web server. Users access forward
proxies by directly surfing to a web proxy address or by configuring their Internet settings.
Forward proxies allow circumvention of firewalls and increase the privacy and security for a user
but may sometimes be used to download illegal materials such as copyrighted materials or child
pornography.

Reverse
proxies transparently handle all requests for resources on destination servers without
requiring any action on the part of the requester.

Reverse proxies are used:

To enable indirect access when a website disallows direct connections as a security
measure.

To allow for load balancing between severs.

To stream internal content to Internet users.

To disable access to a site, for example when an ISP or government wishes to
block a website.

Sites might be blocked for more or less legitimate reasons. Reverse proxies may be used to
prevent access to immoral, illegal or copyrighted content. Sometimes these reasons are justifiable
but sometimes justification is dubious. Reverse proxies sometimes prevent access news sites where
users could view leaked information. They can also prevent users from accessing sites where they
can disclose information about government or industry actions. Blocking access to such websites may
violate free speech rights.

More types of proxiesTransparent proxies are typically found near the exit of a corporate network. These proxies
centralize network traffic. On corporate networks, a proxy server is associated with -- or is part
of -- a gateway server that
separates the network from external networks (typically the Internet) and a firewall that protects
the network from outside intrusion and allows data to be scanned for security purposes before
delivery to a client on the network. These proxies help with monitoring and administering network
traffic as the computers in a corporate network are usually safe devices that do not need anonymity
for typically mundane tasks.

Anonymous proxies hide the IP address of the client using them allow to access materials
that are blocked by firewalls or to circumvent IP address bans. They may be used for enhanced
privacy and / or protection from attack.

Highly anonymous proxies hide even the fact that they are being used by clients and
present a non-proxy public IP address. So not only do they hide the IP address of the client using
them, they also allow access to sites that might block proxy servers. Examples of highly anonymous
proxies include I2P and TOR.

Socks 4 and 5 proxies
provide proxy service for UDP data and DNS look up operations in addition to Web traffic. Some
proxy servers offer both Socks protocols.

DNS
proxies forward domain name service (DNS) requests from LANs to Internet DNS servers while
caching for enhanced speed.

Proxy hacking
In proxy hacking, an
attacker attempts to steal hits from an authentic web page in a search engine's index and search
results pages. The proxy hacker would have a either a fraudulent site emulating the original or
whatever they felt like showing the clients requesting the page.

Here's how it works: The attacker creates a copy of the targeted web page on a proxy server and
uses methods such as keyword stuffing
and linking to the copied page from external sites to artificially raise its search engine ranking.
The authentic page will rank lower and may be seen as duplicated content, in which case a search
engine may remove it from its index.

This form of hacking can be also be used to deliver pages with malicious intent. Proxy hacking
can direct users to fake banking site, for example, to steal account info which can then be sold or
used to steal funds from the account. The attacker can also use the hack to direct users to a
malware-infected site to compromise their machines for a variety of nefarious purposes.

Some means have been developed to compromise proxy abilities. Specially crafted Flash and Java apps, Javascript, Active X and some other
browser plugins can be used to reveal a proxy user’s identity, so proxies should not be used on
untrusted sites or anywhere that anonymity is important.

Website owners who suspect they have been the victim of a proxy hack can test the theory by
searching for a phrase that would be almost uniquely identifying to the site. Their site should be
prominent on the search engine results page (SERP). If a second site with the same content shows
up, it may be a proxy page.

Eli the Computer Guy explains using proxies for hacking:

Proxy server security
Proxy servers in many forms enhance security but like many things in computing may be vulnerable
themselves. To prevent DoS attacks and
network intrusion, administrators should keep software up to date, use load balancing, enforce
secure authorization and authentication and block unsolicited traffic, malicious and open
proxies.

- Systems management is the administration of the information technology systems in an enterprise data center. An effective systems management plan facilitates the delivery of IT as a service (ITaaS)... (searchITOperations.com)

- Remote Procedure Call (RPC) is a protocol that one program can use to request a service from a program located in another computer on a network without having to understand the network's details. (SearchSOA.com)

Glossaries

- This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Certified OpenStack Administrator (COA) is a vendor-agnostic exam designed by the OpenStack Foundation in conjunction with a number of international partners to test an administrator's abilities in cloud management and day-to-day operations.